Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
484
Views
0
Helpful
3
Replies

PPPOE Tunnel ACL between Pix515 and Router

Go to solution
keyyo0200
Level 1
Level 1

‎02-09-2008 11:36 PM

Coporate site have Pix515 and remote site has router. I have a tunnel setup from a remote site to the corporate office. I am looking for information on ACL's to apply to the dialer interface to allow ipsec/ isakmp and all traffic from corporate office to remote site. Do you allow the public address of PIX to access remote router with ipsec/ isakmp traffic and corporate private network address for pop3/ smtp and udp.

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
hadbou
Level 5
Level 5

‎02-14-2008 12:48 PM

The PIX with the dynamic address will look something like the Tiger config and the other PIX will

look something like the Lion config.

http://www.cisco.com/warp/public/110/38.html

View solution in original post

0 Helpful

Go to solution
iraban
Level 1
Level 1

‎02-19-2008 06:50 AM

yes you have to add ACLS on the dialer interafce on the router.

what you would do is assuming subnet A is behind router and subnet B is next to the Pix.

On A you would permit A's local subnet to A's remote i.e permit A to B and on the pix just the reverse. and no you dont define the public ip in the interesting traffic.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
hadbou
Level 5
Level 5

‎02-14-2008 12:48 PM

The PIX with the dynamic address will look something like the Tiger config and the other PIX will

look something like the Lion config.

http://www.cisco.com/warp/public/110/38.html

0 Helpful

Go to solution
keyyo0200
Level 1
Level 1
In response to hadbou

‎02-15-2008 01:26 PM

I have the PPPOE router to PIX up and running. I am looking for information on adding and ACL to the dialer interface on the router to prevent unwanted traffic from entering the router. I have no problem with the PIX configuration.

0 Helpful

Go to solution
iraban
Level 1
Level 1

‎02-19-2008 06:50 AM

yes you have to add ACLS on the dialer interafce on the router.

what you would do is assuming subnet A is behind router and subnet B is next to the Pix.

On A you would permit A's local subnet to A's remote i.e permit A to B and on the pix just the reverse. and no you dont define the public ip in the interesting traffic.

0 Helpful
Customers Also Viewed These Support Documents